﻿using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.IdentityModel.Tokens;
using StudentCouncil.API.Model;
using StudentCouncil.BLL.Mgr;
using StudentCouncil.Model.Models;

namespace StudentCouncil.API.Controllers
{
    [Route("api/[controller]/[action]")]
    [ApiController]
    public class SecurityController : ControllerBase
    {
        private readonly IHttpContextAccessor HttpContextAccessor;

        public SecurityController(IConfiguration configuration, IHttpContextAccessor httpContextAccessor)
        {
            // 注入configuration 配置，可以访问配置信息
            Configuration = configuration;

            HttpContextAccessor = httpContextAccessor;
        }
        public IConfiguration Configuration { get; }
        [HttpGet]
        public ResultDTO Login(string uid, string pwd)
        {
            var dto = new ResultDTO();

            if (uid == null || pwd == null)
            {
                return dto;
            }
            var res = UserMgr.Login(uid, pwd);
            dto.Status = res != null;
            dto.Data = res;
            string jwt = dto.Status ? GetToken(res) : string.Empty;

            // 构造匿名对象返回，包含token信息
            dto.Data = new { User = res, Token = jwt };

            return dto;
        }
        private string GetToken(User user)
        {
            // 此处秘钥需要和 Startup 中保持一致
            var key = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(Configuration["token:key"]));

            SecurityToken securityToken = new JwtSecurityToken(
                issuer: Configuration["token:issuer"],
                audience: Configuration["token:audience"],
                signingCredentials: new SigningCredentials(key, SecurityAlgorithms.HmacSha256),
                expires: DateTime.Now.AddMinutes(20),
                claims: new Claim[] {
                    // 增加身份信息，此处设置角色为 Admin，与标签 [Authorize(Roles = "Admin")] 匹配
                    //new Claim(ClaimTypes.Role,user.Roles),
                    new Claim("UserName",user.Name),
                }
            );

            string jwt = new JwtSecurityTokenHandler().WriteToken(securityToken);
            return jwt;
        }

        [HttpPost]
        ///// <summary>
        ///// 更新用户基本信息，但不包含密码
        ///// </summary>
        ///// <param name="entity"></param>
        ///// <returns></returns>
        public ResultDTO SaveUserInfo(User entity)
        {
            ResultDTO result = new ResultDTO();

            result.Status = UserMgr.UpdateInfo(entity);
            return result;
        }
        [HttpGet]
        public  User Getimgurl(int id)
        {
            return UserMgr.Getimgurl(id);
        }
    }
}